Security Affairs newsletter Round 303

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box.

If you want to also receive for free the international press subscribe here.

Bug bounty hacker earned $5,000 reporting a Stored XSS flaw in iCloud.comExperts warn of threat actors abusing Google Alerts to deliver unwanted programsFBI warns of the consequences of telephony denial-of-service (TDoS) attacksAn attacker was able to siphon audio feeds from multiple Clubhouse roomsGeorgetown County has yet to recover from a sophisticated cyber attackNSA Equation Group tool was used by Chinese hackers years before it was leaked onlineResearchers uncovered a new Malware Builder dubbed APOMacroSploitUkraine sites suffered massive attacks launched from Russian networksFIN11 cybercrime group is behind recent wave of attacks on FTA serversIBM addressed flaws in Java Runtime, Planning Analytics Workspace, Kenexa LMSNurseryCam daycare cam service shut down after security breachTwitter removes 100 accounts linked to Russia disseminating disinformationVMware addresses a critical RCE issue in vCenter ServerA Cryptomining botnet abuses Bitcoin blockchain transactions as C2 backup mechanismAirplane manufacturer Bombardier has disclosed a security breach, data leaked onlineAPT32 state hackers target human rights defenders with spywareUkraine: nation-state hackers hit government document management systemCisco fixes three critical bugs in ACI Multi-Site Orchestrator, Application Services Engine, and NX-OSGoogle discloses technical details of Windows CVE-2021-24093 RCE flawNorth Korea-linked Lazarus APT targets defense industry with ThreatNeedle backdoorThousands of VMware Center servers exposed online and potentially vulnerable to CVE-2021-21972 flawChina-linked TA413 group target Tibetan organizationsData Breach: Turkish legal advising company exposed over 15,000 clientsHackers are selling access to Biochemical systems at Oxford University LabMicrosoft releases open-source CodeQL queries to assess Solorigate compromiseNew Ryuk ransomware implements self-spreading capabilitiesExperts found a critical authentication bypass flaw in Rockwell Automation softwareHotarus Corp gang hacked Ecuadors Ministry of Finance and Banco PichinchaT-Mobile customers were hit with SIM swapping attacks

If you want to receive the weekly Security Affairs Newsletter for free subscribe here.

try { window._mNHandle.queue.push(function (){ window._mNDetails.loadTag(“816788371”, “300×250”, “816788371”); }); } catch (error) {} try { window._mNHandle.queue.push(function (){ window._mNDetails.loadTag(“816788371”, “300×250”, “816788371”); }); } catch (error) {}

Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)

The post Security Affairs newsletter Round 303 appeared first on Security Affairs.

Read the full article at https://securityaffairs.co/wordpress/115095/breaking-news/security-affairs-newsletter-round-303.html?utm_source=rss&utm_medium=rss&utm_campaign=security-affairs-newsletter-round-303